holdur Posted July 23, 2021 Share Posted July 23, 2021 (edited) Hi, in "insira seu nome" only register numbers, if try any letters return this error: ERROR: : DB error - Unknown column 'Jose' in 'field list' [Debug]: at script.cpp:17079 - UPDATE login SET nome = Jose WHERE account_id = 2000100 Quote CODE: mes [email protected]$; mes "Insira seu nome"; input([email protected]$); query_sql("UPDATE login SET nome = "+ [email protected]$ +" WHERE account_id = "+ getcharid(3)); next; mes [email protected]$; mes "Insira seu CPF"; input [email protected]$; query_sql("UPDATE login SET cpf = "+ [email protected]$ +" WHERE account_id = "+ getcharid(3)); next; mes [email protected]$; mes "Insira sua chave"; input [email protected]$; query_sql("UPDATE login SET chave= "+ [email protected]$ +" WHERE account_id = "+ getcharid(3)); next; mes [email protected]$; mes "Cadastro realizado com ^008000sucesso.^000000"; close; Why i m wrong? Edited July 23, 2021 by holdur Quote Link to comment Share on other sites More sharing options...
0 Emistry Posted August 25, 2021 Share Posted August 25, 2021 use apostrophe to envelope the string, else the SQL engine treat it as column name instead of text. query_sql("UPDATE login SET nome = '"+escape_sql([email protected]$)+"' WHERE account_id = "+ getcharid(3)); query_sql("UPDATE login SET cpf = '"+escape_sql([email protected]$)+"' WHERE account_id = "+ getcharid(3)); query_sql("UPDATE login SET chave= '"+escape_sql([email protected]$)+"' WHERE account_id = "+ getcharid(3)); and all string that insert into SQL database should use escape_sql(...) to escape any special characters Quote Link to comment Share on other sites More sharing options...
Hi, in "insira seu nome" only register numbers, if try any letters return this error:
ERROR:
Edited by holdurLink to comment
Share on other sites